Avoid unconditional getrandom syscall creating a WasiCtx (#5244)

This commit updates the default random context inserted into a `WasiCtxt` to be seeded from `thread_rng` rather than the system's entropy. This avoids an unconditional syscall on the creation of all `WasiCtx` structures shouldn't reduce the quality of the random numbers produced.
bytecodealliance · Nov 10, 2022 · 1f09954 · 1f09954
1 parent 92f6fe3
commit 1f09954
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/crates/wasi-common/cap-std-sync/src/lib.rs b/crates/wasi-common/cap-std-sync/src/lib.rs
@@ -47,7 +47,7 @@ pub use clocks::clocks_ctx;
 pub use sched::sched_ctx;
 
 use crate::net::Socket;
-use cap_rand::RngCore;
+use cap_rand::{Rng, RngCore, SeedableRng};
 use std::path::Path;
 use wasi_common::{file::FileCaps, table::Table, Error, WasiCtx, WasiFile};
 
@@ -141,5 +141,6 @@ impl WasiCtxBuilder {
 }
 
 pub fn random_ctx() -> Box<dyn RngCore + Send + Sync> {
-    Box::new(cap_rand::std_rng_from_entropy(cap_rand::ambient_authority()))
+    let mut rng = cap_rand::thread_rng(cap_rand::ambient_authority());
+    Box::new(cap_rand::rngs::StdRng::from_seed(rng.gen()))
 }